Google Captcha, can something be done to help it with squid?

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Google Captcha, can something be done to help it with squid?

Eliezer Croitoru
Hey List,

I got couple complains from couple sysadmins about google forcing their
clients to verify that they are indeed humans in some very horrible ways.
But when they are logged in as a user it's "all good" and the search is
working properly.
These networks are using Squid and BlueCoat for 1k users plus and I am not
sure what to do to ease the clients.
I can verify the clients using a username and password using basic and
digest auth but I am not sure what I can do to make google services
understand that I have no bot in my networks.

Does anyone noticed such an issue? Did anyone found a specific solution for
this?
Maybe some header?

Thanks,
Eliezer

----
Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: [hidden email]




_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Google Captcha, can something be done to help it with squid?

Yuri Voinov
I guess an issue relevant to BlueCoat, not to Squid.

AFAIK BlueCoat ignores RFC. Squid - not.


04.04.2017 1:45, Eliezer Croitoru пишет:

> Hey List,
>
> I got couple complains from couple sysadmins about google forcing their
> clients to verify that they are indeed humans in some very horrible ways.
> But when they are logged in as a user it's "all good" and the search is
> working properly.
> These networks are using Squid and BlueCoat for 1k users plus and I am not
> sure what to do to ease the clients.
> I can verify the clients using a username and password using basic and
> digest auth but I am not sure what I can do to make google services
> understand that I have no bot in my networks.
>
> Does anyone noticed such an issue? Did anyone found a specific solution for
> this?
With squid there is no issue. Only when Squid is torified, but this as
expected and no issue.
> Maybe some header?
Don't think so. It still seems as BlueCoat-relevant, not Squid.

>
> Thanks,
> Eliezer
>
> ----
> Eliezer Croitoru
> Linux System Administrator
> Mobile: +972-5-28704261
> Email: [hidden email]
>
>
>
>
> _______________________________________________
> squid-users mailing list
> [hidden email]
> http://lists.squid-cache.org/listinfo/squid-users
--
Bugs to the Future

_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users

0x613DEC46.asc (2K) Download Attachment
signature.asc (484 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Google Captcha, can something be done to help it with squid?

Eliezer Croitoru
Why relevant to BlueCoat and not squid?
It happens for the users for both systems and google clearly states that it's related to this specific ip activity.
(while bing and others works just fine)

Eliezer

----
Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: [hidden email]



-----Original Message-----
From: squid-users [mailto:[hidden email]] On Behalf Of Yuri Voinov
Sent: Monday, April 3, 2017 10:51 PM
To: [hidden email]
Subject: Re: [squid-users] Google Captcha, can something be done to help it with squid?

I guess an issue relevant to BlueCoat, not to Squid.

AFAIK BlueCoat ignores RFC. Squid - not.


04.04.2017 1:45, Eliezer Croitoru пишет:

> Hey List,
>
> I got couple complains from couple sysadmins about google forcing
> their clients to verify that they are indeed humans in some very horrible ways.
> But when they are logged in as a user it's "all good" and the search
> is working properly.
> These networks are using Squid and BlueCoat for 1k users plus and I am
> not sure what to do to ease the clients.
> I can verify the clients using a username and password using basic and
> digest auth but I am not sure what I can do to make google services
> understand that I have no bot in my networks.
>
> Does anyone noticed such an issue? Did anyone found a specific
> solution for this?
With squid there is no issue. Only when Squid is torified, but this as expected and no issue.
> Maybe some header?
Don't think so. It still seems as BlueCoat-relevant, not Squid.

>
> Thanks,
> Eliezer
>
> ----
> Eliezer Croitoru
> Linux System Administrator
> Mobile: +972-5-28704261
> Email: [hidden email]
>
>
>
>
> _______________________________________________
> squid-users mailing list
> [hidden email]
> http://lists.squid-cache.org/listinfo/squid-users

--
Bugs to the Future

_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Google Captcha, can something be done to help it with squid?

Yuri Voinov


04.04.2017 3:10, Eliezer Croitoru пишет:
> Why relevant to BlueCoat and not squid?
> It happens for the users for both systems and google clearly states that it's related to this specific ip activity.
Ah. You don't said it first. So, may be bot behind proxy. Or...... skew
routing to tor-like external IP.

> (while bing and others works just fine)
>
> Eliezer
>
> ----
> Eliezer Croitoru
> Linux System Administrator
> Mobile: +972-5-28704261
> Email: [hidden email]
>
>
>
> -----Original Message-----
> From: squid-users [mailto:[hidden email]] On Behalf Of Yuri Voinov
> Sent: Monday, April 3, 2017 10:51 PM
> To: [hidden email]
> Subject: Re: [squid-users] Google Captcha, can something be done to help it with squid?
>
> I guess an issue relevant to BlueCoat, not to Squid.
>
> AFAIK BlueCoat ignores RFC. Squid - not.
>
>
> 04.04.2017 1:45, Eliezer Croitoru пишет:
>> Hey List,
>>
>> I got couple complains from couple sysadmins about google forcing
>> their clients to verify that they are indeed humans in some very horrible ways.
>> But when they are logged in as a user it's "all good" and the search
>> is working properly.
>> These networks are using Squid and BlueCoat for 1k users plus and I am
>> not sure what to do to ease the clients.
>> I can verify the clients using a username and password using basic and
>> digest auth but I am not sure what I can do to make google services
>> understand that I have no bot in my networks.
>>
>> Does anyone noticed such an issue? Did anyone found a specific
>> solution for this?
> With squid there is no issue. Only when Squid is torified, but this as expected and no issue.
>> Maybe some header?
> Don't think so. It still seems as BlueCoat-relevant, not Squid.
>> Thanks,
>> Eliezer
>>
>> ----
>> Eliezer Croitoru
>> Linux System Administrator
>> Mobile: +972-5-28704261
>> Email: [hidden email]
>>
>>
>>
>>
>> _______________________________________________
>> squid-users mailing list
>> [hidden email]
>> http://lists.squid-cache.org/listinfo/squid-users
> --
> Bugs to the Future
>
--
Bugs to the Future

_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users

0x613DEC46.asc (2K) Download Attachment
signature.asc (484 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Google Captcha, can something be done to help it with squid?

Amos Jeffries
Administrator
On 4/04/2017 9:51 a.m., Yuri Voinov wrote:
>
> 04.04.2017 3:10, Eliezer Croitoru пишет:
>> Why relevant to BlueCoat and not squid?
>> It happens for the users for both systems and google clearly states that it's related to this specific ip activity.
> Ah. You don't said it first. So, may be bot behind proxy. Or...... skew
> routing to tor-like external IP.
>> (while bing and others works just fine)
>>

I think it is the TOR involvement, I have heard a number of issues
between TOR and Google. But so far very few of simply being behind
Squid. It would have come up a lot more often if simply using Squid with
many clients was an issue.


TOR is a product based around anonymity. Google is a company whose
business model hinges on tracking users. "... and never the twain shall
meet" etc.

The necessary info is embeded into Via and XFF headers a required for
the HTTP part of the journey. There is nothng more Squid can do without
severaly compromising users safety. Further anonymising (ie removing Via
and XFF) makes things a bit worse as the non-TOR users of the proxy get
dragged into the issue.

HTH
Amos

_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Loading...